********************************************************************** * program description * * CGI-RPG program to add security to presenting documents over the * Internet. Once validation takes place the program will read an IFS * document and write it out to the browser using CGIDEV2 routines. * ********************************************************************** ********************************************************************** * compile options ********************************************************************** h** bnddir( 'TEMPLATE2' : 'QC2LE' ) h dftactgrp( *no ) /copy cgidev2/qrpglesrc,hspecs /copy cgidev2/qrpglesrc,hspecsbnd ********************************************************************** * files ********************************************************************** ********************************************************************** * prototypes ********************************************************************** /copy cgidev2/qrpglesrc,prototypeb /copy cgidev2/qrpglesrc,usec d ValidSession pr n d sessionid 15a Value d GetUserCode pr 12a d sessionid 15a Value d GetUserType pr 5a d sessionid 15a Value ********************************************************************** * standalone variables and data structures ********************************************************************** d string s 200a d fd s 10i 0 d wrdata s 24a d rddata s 32768a d flags s 10u 0 d mode s 10u 0 d Msg s 50a d Len s 10i 0 d count s 10i 0 d savedQuery s 32767a varying d session s 15a d document s 500a varying d filename s 500a varying d path s 500a varying d period s 5a varying d customer s 6a varying d type s 4a varying d nbr s 20a varying d file s 500a varying d disposition s 50a varying ********************************************************************** /free //‚populate input fields from browser query string monitor; zhbGetInput( savedQuery : qusec ); on-error; endmon; session = zhbGetVar( 'sessionid' ); path = zhbGetVar( 'path' ); filename = zhbGetVar( 'filename' ); file = %trim( path ) + '/' + %trim( filename ); disposition = zhbGetVar( 'disposition' ); if ( disposition <> 'inline' ); disposition = 'attachment'; endif; if not ChkIfsObj2( file ); string = 'Content-type: text/html' + x'25' + x'25' + 'File not found or access restricted.'; WrtNoSection( %addr(string) : %len(%trimr(string)) ); else; //‚open IFS document for read only flags = O_RDONLY; fd = open( file : flags ); if fd < 0; msg = 'open(): failed for reading' ; *inlr = *on; return; endif; ClrHtmlBuffer(); if ( %scan( '.xlsx' : file ) > 0 ) or ( %scan( '.XLSX' : file ) > 0 ); string = 'Content-Type: application/vnd.openxmlformats-' + 'officedocument.spreadsheetml.sheet; ' + x'25' + 'Content-Disposition: ' + disposition + '; ' + 'filename=' + filename + x'25' + x'25' ; elseif ( %scan( '.xls' : file ) > 0) or ( %scan( '.XLS' : file ) > 0); string = 'Content-Type: application/vnd.ms-excel; ' + x'25' + 'Content-Disposition: ' + disposition + '; ' + 'filename=' + filename + x'25' + x'25' ; elseif ( %scan( '.csv' : file ) > 0 ) or (%scan( '.CSV' : file ) > 0); string = 'Content-Type: text/csv; charset="UTF-8"' + x'25' + 'Content-Disposition: ' + disposition + '; filename="' + filename + '"' + x'25' + x'25' ; elseif ( %scan( '.pdf' : file ) > 0 ) or (%scan( '.PDF' : file ) > 0); string = 'Content-Type: application/pdf' + x'25' + 'Content-Disposition: ' + disposition + '; ' + 'filename=' + filename + x'25' + x'25' ; elseif %scan( '.docx' : file ) > 0 or %scan( '.DOCX' : file ) > 0; string = 'Content-Type: application/vnd.openxmlformats-' + 'officedocument.wordprocessingml.document; ' + x'25' + 'Content-Disposition: ' + disposition + '; ' + 'filename=' + filename + x'25' + x'25' ; elseif ( %scan( '.doc' : file ) > 0 ) or (%scan( '.DOC' : file ) > 0); string = 'Content-Type: application/msword' + x'25' + 'Content-Disposition: ' + disposition + '; ' + 'filename=' + filename + x'25' + x'25' ; elseif ( %scan( '.txt' : file ) > 0 or %scan( '.TXT' : file ) > 0 ); string = 'Content-Type: text/plain; charset="UTF-8"' + x'25' + 'Content-Disposition: ' + disposition + '; ' + 'filename=' + filename + x'25' + x'25' ; elseif (%scan('.html' : file) > 0 or %scan('.HTML' : file) > 0 ); string = 'Content-Type: text/html; charset="UTF-8"' + x'25' + 'Content-Disposition: ' + disposition + '; ' + 'filename=' + filename + x'25' + x'25' ; endif; WrtNoSection( %addr(string) : %len(%trimr(string)) ); //‚read document from IFS len = read( fd : %addr(rddata) : %size(rddata) ); dow ( len > 0 ); WrtNoSection( %addr(rddata) : len ); len = read( fd : %addr(rddata) : %size(rddata) ); enddo; callp close(fd); endif; WrtSection( '*fini' ); *inlr = *on; /end-free